A flaw was discovered in Xpdf in that an attacker could construct a
carefully crafted PDF file that would cause Xpdf to consume all available
disk space in /tmp when opened. The Common Vulnerabilities and Exposures
project assigned the name CAN-2005-2097 to this issue.

Note this issue does not affect the version of Xpdf in Red Hat Enterprise
Linux 3 or 2.1.

Users of xpdf should upgrade to this updated package, which contains a
backported patch to resolve this issue.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system: